Don't output warnings in JSON in parent when mass testing

This addresses #1169: When using JSON as output format when mass testing
AND we have a non-fatal condition when e.g. openssl lacks support for
something it led to an invalid JSON as the warning was put into file w/o
a trailing comma.

The commit removes the warning to be put into the output. We still have the
message on screen + in HTML which is not as optimal as it could be.

Also I did some cleanups related to redundant double quotes I stumbled over while
fixing this.
This commit is contained in:
Dirk 2018-12-11 10:03:58 +01:00
parent ab7ca281c0
commit 4f920a389a
1 changed files with 20 additions and 16 deletions

View File

@ -699,6 +699,8 @@ strip_quote() {
-e 's/ *$//g' <<< "$1" -e 's/ *$//g' <<< "$1"
} }
# " deconfuse vim\'s syntax highlighting ;-)
#################### JSON FILE FORMATTING #################### #################### JSON FILE FORMATTING ####################
fileout_json_footer() { fileout_json_footer() {
@ -836,15 +838,10 @@ fileout_pretty_json_banner() {
} }
fileout_banner() { fileout_banner() {
#if ! "$APPEND"; then if "$JSONHEADER"; then
# if "$CSVHEADER"; then # "$do_json" && # here we maybe should add a banner, too
# : "$do_pretty_json" && (printf "%s\n" "$(fileout_pretty_json_banner)") >> "$JSONFILE"
# fi fi
if "$JSONHEADER"; then
# "$do_json" && # here we maybe should add a banner, too
"$do_pretty_json" && (printf "%s\n" "$(fileout_pretty_json_banner)") >> "$JSONFILE"
fi
#fi
} }
fileout_separator() { fileout_separator() {
@ -866,6 +863,13 @@ fileout_insert_warning() {
# See #815. Make sure we don't mess up the JSON PRETTY format if we complain with a client side warning. # See #815. Make sure we don't mess up the JSON PRETTY format if we complain with a client side warning.
# This should only be called if an *extra* warning will be printed (previously: 'fileout <extra_warning_ID> "WARN" ' # This should only be called if an *extra* warning will be printed (previously: 'fileout <extra_warning_ID> "WARN" '
# arg1: json identifier, arg2: normally "WARN", arg3: finding # arg1: json identifier, arg2: normally "WARN", arg3: finding
#
# Also, we have to be careful with any form of mass testing so that a warning won't lead to an invalid
# JSON file. As any child will do any check as well (to be reconsidered later), we don't need also the parent
# to issue warnings upfront, see #1169. As a detection we'll use --file as in the children jobs it'll be removed:
[[ "$CMDLINE=" =~ --file ]] && return 0
# Note we still have the message on screen + in HTML which is not as optimal as it could be
if "$do_pretty_json"; then if "$do_pretty_json"; then
echo -e " \"clientProblem${CLIENT_PROB_NO}\" : [" >>"$JSONFILE" echo -e " \"clientProblem${CLIENT_PROB_NO}\" : [" >>"$JSONFILE"
CLIENT_PROB_NO=$((CLIENT_PROB_NO + 1)) CLIENT_PROB_NO=$((CLIENT_PROB_NO + 1))
@ -6816,7 +6820,7 @@ extract_stapled_ocsp() {
ocsp_len=2*$(hex2dec "${tls_certificate_status_ascii:8:6}") ocsp_len=2*$(hex2dec "${tls_certificate_status_ascii:8:6}")
STAPLED_OCSP_RESPONSE="${ocsp:14:ocsp_len}" STAPLED_OCSP_RESPONSE="${ocsp:14:ocsp_len}"
fi fi
return 0 return 0
} }
# arg1 is "-cipher <OpenSSL cipher>" or empty # arg1 is "-cipher <OpenSSL cipher>" or empty
@ -6871,7 +6875,7 @@ get_server_certificate() {
# throwing 1st every cipher/protocol at the server to know what works # throwing 1st every cipher/protocol at the server to know what works
success=7 success=7
if [[ "$OPTIMAL_PROTO" == "-ssl2" ]]; then if [[ "$OPTIMAL_PROTO" == -ssl2 ]]; then
$OPENSSL s_client $STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY -ssl2 </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY -ssl2 </dev/null 2>$ERRFILE >$TMPFILE
sclient_connect_successful $? $TMPFILE && success=0 sclient_connect_successful $? $TMPFILE && success=0
if [[ $success -eq 0 ]]; then if [[ $success -eq 0 ]]; then
@ -6889,7 +6893,7 @@ get_server_certificate() {
sclient_connect_successful $? $TMPFILE && grep -a 'TLS server extension' $TMPFILE >$TEMPDIR/tlsext.txt sclient_connect_successful $? $TMPFILE && grep -a 'TLS server extension' $TMPFILE >$TEMPDIR/tlsext.txt
for proto in $protocols_to_try; do for proto in $protocols_to_try; do
[[ 1 -eq $(has_server_protocol $proto) ]] && continue [[ 1 -eq $(has_server_protocol $proto) ]] && continue
[[ "$proto" == "ssl3" ]] && ! "$HAS_SSL3" && continue [[ "$proto" == ssl3 ]] && ! "$HAS_SSL3" && continue
addcmd="" addcmd=""
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $SNI -$proto -tlsextdebug $npn_params -status -msg") </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $SNI -$proto -tlsextdebug $npn_params -status -msg") </dev/null 2>$ERRFILE >$TMPFILE
if sclient_connect_successful $? $TMPFILE; then if sclient_connect_successful $? $TMPFILE; then
@ -6900,7 +6904,7 @@ get_server_certificate() {
done # this loop is needed for IIS6 and others which have a handshake size limitations done # this loop is needed for IIS6 and others which have a handshake size limitations
if [[ $success -eq 7 ]]; then if [[ $success -eq 7 ]]; then
# "-status" above doesn't work for GOST only servers, so we do another test without it and see whether that works then: # "-status" above doesn't work for GOST only servers, so we do another test without it and see whether that works then:
[[ "$proto" == "ssl3" ]] && ! "$HAS_SSL3" && return 7 [[ "$proto" == ssl3 ]] && ! "$HAS_SSL3" && return 7
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $SNI -$proto -tlsextdebug") </dev/null 2>>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $SNI -$proto -tlsextdebug") </dev/null 2>>$ERRFILE >$TMPFILE
if ! sclient_connect_successful $? $TMPFILE; then if ! sclient_connect_successful $? $TMPFILE; then
if [ -z "$1" ]; then if [ -z "$1" ]; then
@ -17065,13 +17069,13 @@ create_mass_testing_cmdline() {
debugme echo "${CMDLINE_ARRAY[@]}" debugme echo "${CMDLINE_ARRAY[@]}"
for cmd in "${CMDLINE_ARRAY[@]}"; do for cmd in "${CMDLINE_ARRAY[@]}"; do
"$skip_next" && skip_next=false && continue "$skip_next" && skip_next=false && continue
if [[ "$cmd" == "--file"* ]]; then if [[ "$cmd" =~ --file ]]; then
# Don't include the "--file[=...] argument in the child's command # Don't include the "--file[=...] argument in the child's command
# line, but do include "--warnings=batch". # line, but do include "--warnings=batch".
MASS_TESTING_CMDLINE[nr_cmds]="--warnings=batch" MASS_TESTING_CMDLINE[nr_cmds]="--warnings=batch"
nr_cmds+=1 nr_cmds+=1
# next is the file itself, as no '=' was supplied # next is the file itself, as no '=' was supplied
[[ "$cmd" == '--file' ]] && skip_next=true [[ "$cmd" == --file ]] && skip_next=true
elif [[ "$testing_type" == "serial" ]]; then elif [[ "$testing_type" == "serial" ]]; then
if "$JSONHEADER" && [[ "$cmd" == "--jsonfile-pretty"* ]]; then if "$JSONHEADER" && [[ "$cmd" == "--jsonfile-pretty"* ]]; then
>"$TEMPDIR/jsonfile_child.json" >"$TEMPDIR/jsonfile_child.json"
@ -18274,7 +18278,7 @@ lets_roll() {
if "$do_mass_testing"; then if "$do_mass_testing"; then
prepare_logging prepare_logging
if [[ "$MASS_TESTING_MODE" == "parallel" ]]; then if [[ "$MASS_TESTING_MODE" == parallel ]]; then
run_mass_testing_parallel run_mass_testing_parallel
else else
run_mass_testing run_mass_testing